Skip to content
Commit 1da61e80 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

PR: 2009

Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
parent da6ce182
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment